(19) 


J 


EuropaMsches Paten tarn t 
European Patent Office 
Office euro pee n des brevets 


HlllVlilllllilllllll 


(12) 


(H) EP 1 168 137 A1 

EUROPEAN PATENT APPLICATION 


Date of nublicatiorv 

intn7. ftnfiP 1/fifl anKK 7/nn 
[o\) iniui/. uuor i/uu, ouor\ //uu, 

02.01.2002 Bulletin 2002/01 

G11B 20/00 

(21) Application number: 01112947.5 


(22) Date of filing: 06.06.2001 


(84) Designated Contracting States: 

(71) Applicant: IPM-NET S.p.A. 

AT BE CH CY DE DK ES Fl FR GB GR IE IT LI LU 

80022 Arzano (Prov. of Napoll) (IT) 

MC NL PT SE TR 


Designated Extension States: 

(72) Inventor: Delia Valle, Stefano 

AL LT LV MK RO SI 

20043 Arcore (IT) 

(30) Priority: 23.06.2000 IT MI001425 

(74) Representative: Modiano, Guldo, Dr.-lng. et al 


Modlano & Assoclatl SpA Via Meravlgll, 16 


20123 Mllano (IT) 


(54) Smart card reader with usb interface for connection to personal computers and the like 


(57) A smart card reader (1 ) suitable to be connect- 
ed to a personal computer, comprising at least one con- 
nector (3) adapted to be connected to a communication 
port of the computer and at least one smart card which, 


when activated, is suitable to enable a communication 
between the reader (1) and the personal computer, in 
order to allow a user to access an application program 
installed on the personal computer. 
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Description 

[0001] The present invention relates to a smart card 
reader with USB interface, for connection to personal 
computers and the like. 5 
[0002] It is known that software houses need to copy- 
protect their programs, which require hundreds of man- 
hours to be developed. 

[0003] Illegal copying of programs is one of the factors 
that leads to extremely high costs for software. Accord- 
ingly, it seems absolutely necessary for software houses 
to find a system which allows them to avoid fraudulent 
duplication of said programs. 

[0004] Currently, one of the most widely used systems 
consists in providing electronic keys which are generally 
connected to the parallel port of the computer; without 
said keys, the software program does not run. 
[0005] Such electronic keys are hardware compo- 
nents dedicated expressly to an appropriately provided 
computer and/or program, since they have wiring which 
corresponds to the hardware structure of the computer 
proper and to software control functions. 
[0006] Accordingly, one of the drawbacks suffered by 
hardware keys thus conceived is that they are expressly 
dedicated to a single computer, so that they cannot be 
used on different computers and cannot be repro- 
g rammed in any way. 

[0007] Another drawback of conventional electronic 
keys is that an expert in the field can duplicate the hard- 
ware configuration of the electronic key and therefore 
bypass the protection devised by the software house for 
its program. 

[0008] Moreover, conventional electronic keys cannot 
be personalized by the user; it is therefore impossible 
to determine unequivocally whether the user who is us- 
ing the key is the one who is authorized to do so. 
[0009] Accordingly, for example if the electronic key 
is lost, anyone can use a given program already in- 
stalled on a personal computer, with the dedicated key. 
[0010] This of course entails a fault in data security, 
since the user has no assurance that his program can- 
not be run in any way by unauthorized individuals, since 
operation is entrusted exclusively to the electronic key, 
which if lost can be used by anyone on the personal 
computer on which said program is installed. 
[0011] The aim of the present invention is to provide 
a smart card reader with USB interface which allows to 
connect to the personal computer an electronic key for 
enabling the operation of a given software program or 
of the entire personal computer and in which the smart 
card is able to interact with the control application or 
software installed on the computer. 
[0012] Within this aim, an object of the present inven- 
tion is to provide a smart card reader with USB interface 
for connection to a personal computer which is provided 
with means for unequivocal identification of the user, ca- 
pable of enabling the operation of a given software ap- 
plication or of the entire system only if the user who is 


using the smart card reader is the one who is actually 
authorized to do so. 

[0013] Another object of the present invention is to 
provide a smart card reader which allows to use the 
same reader on different personal computers without 
the need to install appropriate software. 
[0014] Another object of the present invention is to 
provide a smart card reader for connection to a personal 
computer and the like which is highly reliable, and be 
relatively simple to manufacture and at competitive 
costs. 

[001 5] This aim and these and other objects which will 
become better apparent hereinafter are achieved by a 
smart card reader suitable for connection to a personal 
computer, characterized in that it comprises at least one 
connector adapted to be connected to a communication 
port of said computer and at least one smart card which, 
when activated, is suitable to enable a communication 
between the reader and the personal computer, in order 
to allow a user to access an application program in- 
stalled on such personal computer. 
[0016] Further characteristics and advantages of the 
present invention will become better apparent from the 
description of preferred but not exclusive embodiments 
of the smart card reader according to the present inven- 
tion, illustrated only by way of non-limitative example in 
the accompanying drawings, wherein: 

Figure 1 is a top plan view of the card reader ac- 
cording to the present invention; 
Figure 2 is a side view of the device of Figure 1 ; 
Figure 3 is a bottom plan view of the card reader 
according to the present invention; and 
Figure 4 is a block diagram of the card reader ac- 
cording to the present invention. 

[0017] With reference to the figures, the smart card 
reader according to the present invention, generally 
designated by the reference numeral 1 , comprises an 
external container 2 which has, in a protruding position, 
a connector 3, preferably of the USB type, for connec- 
tion to a standard port of a personal computer or the like. 
[0018] The body 2 has, in an upward region and below 
the connector 3, at least one slot 4 which allows to insert 
a smart card 5 in which the application program for com- 
munication with the personal computer is stored. 
[0019] Conveniently, the container 2 can be provided, 
in a downward region, with a window 6 which allows to 
view the smart card 5 inserted in the slot 4. 
[0020] Preferably, the smart card can be of the SIM 
(Subscriber Identity Module) type. 
[0021 ] Moreover, the smart card reader 1 is preferably 
provided with at least one LED 7 which is suitable to 
indicate to the user that a correct connection is present, 
by means of the USB connector 3, between the reader 
1 and the personal computer. 

[0022] Access to the personal computer or to an ap- 
plication running on the personal computer is enabled 
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by the smart card 5 without further interaction by the us- 
er or, if provided by the system, by entering a PIN (Per- 
sonal Identification Number) by means of the keyboard 
of the personal computer. 

[0023] Accordingly, in this first embodiment of the 5 
reader according to the invention, the smart card 5 al- 
lows to perform an advanced interaction with the soft- 
ware application installed on the personal computer In 
particular, a portion of the application program installed 
on the personal computer can be stored on the smart 
card, so that if the reader 1 is not present the program 
that is present on the personal computer is completely 
unusable because part of it is missing. 
[0024] A second embodiment of the reader according 
to the present invention provides, instead of entering the 
PIN to enable the smart card, or alternatively in addition 
thereto, an internal enabling function by direct identifi- 
cation of the user by the reader 1 . 
[0025] For this purpose sensor means 8 are provided, 
which are arranged for example at the upper face of the 
container 1 , by which it is possible to detect the print of 
one of the user's fingers, for example the thumb. 
[0026] Figure 4 illustrates, as a block diagram, a pos- 
sible implementation of the reader according to the 
present invention. 

[0027] In this block diagram, the sensor means 8 is 
connected to microprocessor means 9, which are in turn 
connected to memory means 1 0. In this case, the mem- 
ory means 10 contain the user's fingerprint, which is 
compared in each instance, by the microprocessor 
means 9, with the print left by the user on the sensor 
means 8 by resting his finger on said sensor means. 
[0028] Accordingly, access to the smart card is ena- 
bled, in this manner, thanks to a method which allows 
to ensure the inviolability of the system. 
[0029] In fact it is known that fingerprints cannot be 
duplicated and therefore recognition of the user's finger- 
print by the sensor means 8 gives the user the assur- 
ance that the reader cannot be used fraudulently. 
[0030] In this case, therefore, it would be possible to 
avoid the need to memorize a PIN and enter it each time 
in order to access the functions of the smart card 5. 
[0031 ] Since the information (data) related to the fin- 
gerprints of the owner of the reader 1 are stored in the 
reader itself, and more specifically in the memory means 
1 0, they cannot be accessed in any way. 
[0032] Since security is ensured by elements which 
are all contained in the reader according to the inven- 
tion, it can be transferred from one personal computer 
to another and used by a same user regardless of the 
workstation, without the need to install appropriate soft- 
ware for each different key on each specific personal 
computer. 

[0033] A third embodiment of the smart card reader 
according to the present invention provides for the ad- 
dition of application or identification selection means 11 
which, by being moved to different positions, allow to 
enable a corresponding number of PINs. 


[0034] The application selection means 11 are asso- 
ciated with the sensor means 8; therefore, once the us- 
er's fingerprint has been recognized, the PIN that cor- 
responds to the position indicated by the selection 
means 11 is sent to the smart card 5. 
[0035] This allows to use different smart cards 5, each 
with its own specific PIN, or a multiple-application smart 
card, in which each application has a separate PIN 
which can be selected by the selection means 11 . 
[0036] The selection means 11 are operatively con- 
nected to the microprocessor means 9, as already 
shown in Figure 4; such means are in turn connected to 
an internal bus 12, which connects the microprocessor 
means 9 to the sensor means 8, to the memory means 
1 0 and to second microprocessor means 1 3, which con- 
trol the connection means 3 which allow the connection 
of the reader 1 to the USB serial port of a personal com- 
puter 15. 

[0037] The reference numeral 5 (Figure 4) illustrates, 
like in the preceding figures, the smart card, inserted in 
a smart card reader, which is designated by the refer- 
ence numeral 1 6 and is accommodated in the container 
2 and connected to a driver 1 7 of the smart card 5, being 
in turn connected to the internal bus 12 of the reader. 
[0038] The second microprocessor means 13 are 
adapted to handle communication toward the personal 
computer 15, while the smart card 5 has an additional 
microprocessor, schematically designated by the refer- 
ence numeral 18 for the sake of simplicity, which is 
adapted to interface the first and second microproces- 
sor means 9 and 13 with the smart card 5. 
[0039] With reference to the above cited figures, the 
operation of the reader according to the invention is as 
follows. 

[0040] First of all, an initialization step is performed; 
during this step, after connecting the reader 1 to the USB 
serial port of the computer 1 5, by means of the USB con- 
nectors, an appropriate software program interacts with 
the microprocessor means 9, which compare the finger- 
print stored in the memory means 10 with the print of 
the finger detected by the sensor means 8. 
[0041 ] At this point, the software program activates a 
function for processing the fingerprint by means of the 
first microprocessor means 9, and if the quality of the 
detected fingerprint is sufficient, the first microprocessor 
means 9 send a confirmation message to the software 
program. 

[0042] The significant features of the fingerprint are 
encrypted and stored in the memory means 10. 
[0043] Finally, the software program communicates a 
PIN code of the associated smart card 5. The PIN is en- 
crypted and stored. 

[0044] The PIN for enabling the smart card 5 can be 
sent, as mentioned, either by manually entering it or by 
providing for the automatic sending of the PIN by the 
first microprocessor means 9, after the user's fingerprint 
has been recognized by the sensor means 8. 
[0045] In this case, the smart card replies to the un- 
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lock request exactly as if the PIN had been entered by 
means of the keyboard of the personal computer 15. 
[0046] If the selection means 11 are present, at this 
point it is possible to select, in each instance, the send- 
ing of a chosen PIN , selected by the selection means 1 1 . 
[0047] In practice it has been observed that the smart 
card reader according to the invention fully achieves the 
intended aim and objects, since it allows to provide an 
electronic security key for a software program and al- 
lows, by using a smart card inside it, to store for example 
part of the program on the smart card itself, to send a 
smart card activation recognition PIN which accordingly 
enables communication with the personal computer to 
which the reader is connected, and to detect an une- 
quivocal distinctive feature of the user, such as his fin- 
gerprint, in orderto allow him to access the software pro- 
gram installed on the personal computer. 
[0048] Finally, the possibility of having a smart card In 
which multiple PINs are stored allows the user, by way 
of the selection means, to select in each instance the 
PIN he wants and therefore for example to allow the en- 
abling of a particular software program or to differentiate 
the user, for example by storing the fingerprints of mul- 
tiple users on the same reader. 
[0049] In this manner, the reader according to the in- 
vention can be used not only on different personal com- 
puters but also for different software programs, allowing 
to program in each instance the chosen PIN in order to 
allow communication between the reader and the per- 
sonal computer, as regards a particular software pro- 
gram to which the user is to be allowed access. 
[0050] The reader thus conceived is susceptible of 
numerous modifications and variations, all of which are 
within the scope of the same inventive concept; all the 
details may furthermore be replaced with other techni- 
cally equivalent elements. 

[0051] In practice, the materials used, as well as the 
contingent shapes and dimensions, so long as they are 
compatible with the specific use, may be any according 
to requirements and to the state of the art. 
[0052] The disclosures in Italian Patent Application 
No. MI2000A001 425 from which this application claims 
priority are incorporated herein by reference. 
[0053] Where technical features mentioned in any 
claim are followed by reference signs, those reference 
signs have been Included for the sole purpose of in- 
creasing the intelligibility of the claims and accordingly, 
such reference signs do not have any limiting effect on 
the interpretation of each element identified by way of 
example by such reference signs. 


Claims 

1 . A smart card reader suitable for connection to a per- 
sonal computer, characterized In that it comprises 
at least one connector meant to be connected to a 
communication port of said computer and at least 


one smart card which, when activated, is suitable 
to enable a communication between said reader 
and said personal computer, in orderto allow a user 
to access an application program installed on said 
5 personal computer. 

2. The reader according to claim 1 , characterized in 
that said connector of said reader is a USB connec- 
tor, and in that said communication port of said per- 

io sonal computer is a USB serial communications 
port. 

3. The reader according to claim 1 , characterized in 
that it comprises a container which is suitable to ac- 
ts commodate said at least one smart card, a slot be- 
ing formed In said container for the insertion of said 
at least one smart card. 

4. The reader according to one or more of the preced- 
20 ing claims, characterized in that said container 

comprises a window which is arranged so as to al- 
low to view said smart card when said smart card 
is inserted in said slot of the container. 

25 5. The reader according to one or more of the preced- 
ing claims, characterized In that it comprises first 
microprocessor means which are connected to 
memory means and are connected, by way of an 
internal bus, to second microprocessor means 

30 which are suitable to handle the communication be- 
tween said reader and said personal computer. 

6. The reader according to one or more of the preced- 
ing claims, characterized In that it comprises sen- 

35 sor means which are arranged at the surface of said 
container and are connected to said first microproc- 
essor means. 

7. The reader according to claim 6, characterized in 
40 that said sensor means comprise at least one fin- 
gerprint sensor which is suitable to detect the fin- 
gerprint of a user and compare it, through said 
memory means and said first microprocessor 
means, with a fingerprint which is stored before- 

45 hand in said memory means and unequivocally 
identifies the authorized user. 

8. The reader according to one or more of the preced- 
ing claims, characterized in that it comprises se- 

50 lection means which are connected to said first mi- 
croprocessor means and are suitable to select a 
specific PIN of said at least one smart card. 

9. The reader according to one or more of the preced- 
55 jng claims, characterized In that said at least one 

smart card contains part of said software program 
installed on said personal computer. 
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10. The reader according to one or more of the preced- 
ing claims, characterized In that it comprises at 
least one LED which is suitable to give indications 
as to the result of the connection between said read- 
er and said personal computer. 5 
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